Switch remaining PHP sites to use FPM
authorTom Hughes <tom@compton.nu>
Mon, 13 Jul 2020 17:52:28 +0000 (18:52 +0100)
committerTom Hughes <tom@compton.nu>
Mon, 13 Jul 2020 17:52:28 +0000 (18:52 +0100)
cookbooks/dmca/recipes/default.rb
cookbooks/donate/recipes/default.rb
cookbooks/donate/templates/default/apache.erb
cookbooks/wordpress/recipes/default.rb
cookbooks/wordpress/templates/default/apache.erb

index c0bd959a630852b4dfe1f7a6ef38b74e34dc4dd4..4190ef3cb5aacdc74fe9e9381ede618c7154ae68 100644 (file)
@@ -18,7 +18,7 @@
 #
 
 include_recipe "apache"
-include_recipe "php::apache"
+include_recipe "php::apache-fpm"
 
 directory "/srv/dmca.openstreetmap.org" do
   owner "root"
index 1c36bfb1e03025826bf9b18bc7c7f9631fe2fa5c..d67ad5b8cde4417e32f4570bca3c760b2d4b739b 100644 (file)
@@ -21,7 +21,7 @@ include_recipe "accounts"
 include_recipe "apache"
 include_recipe "git"
 include_recipe "mysql"
-include_recipe "php::apache"
+include_recipe "php::apache-fpm"
 
 package %w[
   php-cli
index 9404ad13ad03e2f6f676fede00989b78087a4957..4efae184eb99259fef8257d2813f751136f8d489 100644 (file)
@@ -27,8 +27,7 @@
 
   DocumentRoot /srv/donate.openstreetmap.org
 
-  php_admin_value open_basedir /srv/donate.openstreetmap.org/:/usr/share/php/:/tmp/
-  php_admin_value disable_functions "exec,shell_exec,system,passthru,popen,proc_open"
+  ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/srv/donate.openstreetmap.org/:/usr/share/php/:/tmp/\ndisable_functions=exec,shell_exec,system,passthru,popen,proc_open"
 
   # Alias Dynamic Content to data folder to avoid serving dummy git content
   Alias /donors-eur.csv /srv/donate.openstreetmap.org/data/donors-eur.csv
index 800d3c6004eb6106002854f5acdb9f83e1c3174a..df45000376accb6e805cc3738b00ccf399032010 100644 (file)
@@ -22,7 +22,7 @@ include_recipe "apache"
 include_recipe "fail2ban"
 include_recipe "git"
 include_recipe "mysql"
-include_recipe "php::apache"
+include_recipe "php::apache-fpm"
 
 package %w[
   subversion
index 34c25059d659cd84db200dd2e853377a7459ba8a..ea2e20c0c2a2bbf641a2fe74b5e62de3e4248ba9 100644 (file)
   Alias <%= url %> <%= directory %>
   <Directory <%= directory %>>
     AllowOverride None
-    php_admin_flag engine off
     Require all granted
+    <FilesMatch ".+\.ph(ar|p|tml)$">
+      SetHandler None
+    </FilesMatch>
   </Directory>
 <% end -%>
 
-  php_admin_value open_basedir <%= @directory %>/:/usr/share/php/:/tmp/
-  php_admin_value disable_functions "exec,shell_exec,system,passthru,popen,proc_open"
-  php_value upload_max_filesize 70M
-  php_value post_max_size 100M
+  ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=<%= @directory %>/:/usr/share/php/:/tmp/\ndisable_functions=exec,shell_exec,system,passthru,popen,proc_open"
+  ProxyFCGISetEnvIf "true" PHP_VALUE "upload_max_filesize=70M\npost_max_size=100M"
 
   <Directory <%= @directory %>>
     RewriteEngine on
@@ -71,7 +71,9 @@
   <Directory <%= @directory %>/uploads>
     AllowOverride None
     AddType text/plain .html .htm .shtml
-    php_admin_flag engine off
+    <FilesMatch ".+\.ph(ar|p|tml)$">
+      SetHandler None
+    </FilesMatch>
   </Directory>
 
   <Directory ~ "\.svn">